{"id":91547,"date":"2023-05-16T21:34:04","date_gmt":"2023-05-16T21:34:04","guid":{"rendered":"https:\/\/www.techrepublic.com\/?p=4093199"},"modified":"2023-05-16T21:34:04","modified_gmt":"2023-05-16T21:34:04","slug":"sticking-to-traditional-security-playbook-is-mistake-for-cloud-security-palo-alto-networks-svp","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=91547","title":{"rendered":"Sticking to traditional security playbook is mistake for cloud security: Palo Alto Networks SVP"},"content":{"rendered":"<figure id=\"attachment_4093205\" aria-describedby=\"caption-attachment-4093205\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-article wp-image-4093205\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2023\/05\/sticking-to-traditional-security-playbook-is-mistake-for-cloud-security-palo-alto-networks-svp.jpg\" alt=\"A phone with the Palo Alto Networks logo above a screen that says cyber security.\" width=\"770\" height=\"513\"><figcaption id=\"caption-attachment-4093205\" class=\"wp-caption-text\">Image: Rafael Henrique\/Adobe Stock<\/figcaption><\/figure>\n<p>Worldwide spending on public cloud services is <a href=\"https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2022-10-31-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-reach-nearly-600-billion-in-2023\" target=\"_blank\" rel=\"noopener noreferrer\">set to grow<\/a> 20.7% to total $591.8 billion in 2023, according to Gartner, and threat actors are getting better at exploiting unpatched vulnerabilities.<\/p>\n<p>Recent <a href=\"https:\/\/www.paloaltonetworks.com\/prisma\/unit42-cloud-threat-research\" target=\"_blank\" rel=\"noopener noreferrer\">research<\/a> by Palo Alto Networks\u2019 Unit 42 found that more than 60% of organizations take over four days to resolve security issues, over 63% of codebases in production have unpatched vulnerabilities, and threat actors exploit a misconfiguration or vulnerability within hours.<\/p>\n<p>The company\u2019s Prisma Cloud is a top security player in spotting vulnerabilities in cloud-native application development and deployment. TechRepublic spoke with Ankur Shah, SVP and general manager of Prisma Cloud, about what cloud security means and how IT pros and decision makers should think beyond the traditional cybersecurity playbook when it comes to cloud security.<\/p>\n<p><strong>TechRepublic:<\/strong> How has hybrid work and migration to cloud business informed what Palo Alto\u2019s Prisma does?<\/p>\n<p><strong>Ankur Shah:<\/strong> Before the cloud, security was like a house with one front door, a camera and a security guard: one level of security and you\u2019re good to go. Now security is very dynamic. Every house looks and feels different. There are windows and doors and you don\u2019t always know which are open, and the crown jewels are inside. So there\u2019s a lot of \u201clift and shift\u201d [the process of migrating applications and systems to the cloud] with customers rewriting applications \u2014 building \u201chouses\u201d in cloud infrastructure, and the security person at IT does not have as much control over how these houses get built.<\/p>\n<p><strong>TechRepublic:<\/strong> Developers do, nowadays.<\/p>\n<p><strong>Ankur Shah:<\/strong> \u2026 Because every company is becoming a digital company. If I\u2019m Home Depot, I am a technology company that happens to be in home hardware; if I\u2019m Pfizer, I\u2019m a technology company that happens to be doing pharmaceuticals: today people are using AWS or another cloud service provider and developing their own software. So, yes, developers can have outsized influence because they have to build fast. Today there are over 33 million developers and fewer than three million security people who actually know the cloud. I don\u2019t have data for this one, but I would guess that there are probably fewer than 20,000 people in the world who really understand cloud and security.<\/p>\n<p><strong>TechRepublic:<\/strong> But isn\u2019t cloud security pretty much what most security is about now?<\/p>\n<aside class=\"pinbox right\">\n<h3 class=\"heading\">Must-read security coverage<\/h3>\n<\/aside>\n<p><strong>Ankur Shah:<\/strong> You have to understand that the bulk of the security professionals come out of an understanding of network and endpoint security. A lot of security people are using the same playbook that we used back in the day and applying it in the cloud. It\u2019s a very different paradigm now, though. The way workloads get deployed in the public cloud \u2014 the windows and doors of the house \u2014&nbsp; is very dynamic. You don\u2019t rack and stack a server anymore. You click a button \u2026 or you don\u2019t even have to click a button. Through automation, you can create literally hundreds of thousands of workloads in the cloud today. So these are the best of times, these are the worst of times if you\u2019re in security.<\/p>\n<p><strong>TechRepublic:<\/strong> Should cloud providers be doing more in terms of securing what enterprises enact in cloud environments?<\/p>\n<p><strong>Ankur Shah:<\/strong> If you look at AWS, Azure, Google Cloud, IBM, Oracle and the others \u2026 you can have one cloud provider alone with over 200 cloud services that developers are using to build new applications. The cloud providers say, \u201cLook, I will secure the infrastructure layer, but what you put in your applications, I don\u2019t have responsibility, that\u2019s up to you.\u201d When I was a developer, we would ship that code once a year. Now customers are shipping code daily. So the CI\/CD [continuous integration\/continuous deployment] pipeline has reduced significantly now.<\/p>\n<p><strong>TechRepublic:<\/strong> Palo Alto Prisma Cloud is about securing that entire CI\/CD process, correct?<\/p>\n<p><strong>Ankur Shah:<\/strong> The entire code-to-cloud journey \u2026 often involves 7, 8, 9 tools. The left doesn\u2019t talk to the right, right doesn\u2019t talk to the middle, middle doesn\u2019t talk to the right. So, yes, Prisma Cloud\u2019s mission has been to deliver code-to-cloud security at each stage of the pipeline. There will be security problems once things are in production. Continuously monitoring the final product to ensure that security holes are not left is also a big part of what we do.<\/p>\n<p><strong>TechRepublic:<\/strong> Even with code-to-cloud security there will still be exploitable critical vulnerabilities, don\u2019t you need multiple tools to deal with this in development and production?<\/p>\n<p><strong>Ankur Shah:<\/strong> Well, there are two ways to not solve that problem. One is if you have multiple tools that aren\u2019t integrated, which is what much of the security industry is today. There are 3,000 different vendors, 200 in cloud security alone. And everybody\u2019s trying to sell point solutions. It\u2019s not going to save the day for you. More tools make you less secure, not more.<\/p>\n<p><strong>TechRepublic:<\/strong> Which I assume is why enterprises are moving away from collecting point solutions toward platforms like extended detection and response, or XDR, in Security Operations Center contexts.<\/p>\n<p><strong>Ankur Shah:<\/strong> There is a big consolidation movement because customers can\u2019t keep on repeating the sins of the past and have multiple tools, point products, but in security, good enough is not good enough. You have to be best in class.<\/p>\n<p><strong>TechRepublic:<\/strong> Is DevSecOps fundamentally different than what is happening in the world of SOCs and does Prisma Cloud respond to both contexts?<\/p>\n<p><strong>Ankur Shah:<\/strong> Tools like XDR for SOC are out there for doing threat detection prevention. If you have software already in production and an intruder gets in, Prisma Cloud will detect it and we will send those signals to the SOC. From the code to the cloud process, there are risk signals, and Prisma\u2019s job is to prevent those problems to begin with.<\/p>\n<p><strong>TechRepublic:<\/strong> What are some uses of large language models in cloud security?<\/p>\n<p><strong>Ankur Shah:<\/strong> My vision is to leverage AI for two purposes: to improve the user experience and to improve the security outcomes. It\u2019s really that simple. Customers today are asking simple questions, but to answer those questions we often have pages and pages of product information. With AI, why can\u2019t you ask something like, \u201cHey, what\u2019s my top security priority? What\u2019s the next incident that I can expect?\u201d In the future of security, users are going to be engaging with AI to help solve problems for these kinds of queries. That speaks to the user experience aspect of it. The security outcome is a lot of the stuff that we did already in AI. You can expect us to do more and more in the future with automation, more AI and machine learning because it\u2019s really connecting the dots to ensure that if there is a breach \u2014 if there is a security incident \u2014 we\u2019re able to detect it sooner than later.<\/p>\n<p> <!-- default newsletter at the end --> <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Image: Rafael Henrique\/Adobe Stock Worldwide spending on public cloud services is set to grow 20.7% to total $591.8 billion in 2023, according to Gartner, and threat actors are getting better at exploiting unpatched vulnerabilities. Recent research by Palo Alto Networks\u2019 Unit 42 found that more than 60% of organizations take over four days to resolve [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":91548,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49,77,40,783,689,533,287,27,159],"tags":[],"class_list":["post-91547","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai","category-artificial-intelligence","category-cloud","category-cloudsync","category-devops","category-it","category-security","category-software","category-threats"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/91547","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=91547"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/91547\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/91548"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=91547"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=91547"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=91547"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}